DROPS

Document

Forensic Computing (Dagstuhl Seminar 13482)

Authors: Felix C. Freiling, Gerrit Hornung, and Radim Polcák

Published in: Dagstuhl Reports, Volume 3, Issue 11 (2014)

Abstract

Forensic computing} (sometimes also called digital forensics, computer forensics or IT forensics) is a branch of forensic science pertaining to digital evidence, i.e., any legal evidence that is processed by digital computer systems or stored on digital storage media. Forensic computing is a new discipline evolving within the intersection of several established research areas such as computer science, computer engineering and law. Forensic computing is rapidly gaining importance since the amount of crime involving digital systems is steadily increasing. Furthermore, the area is still underdeveloped and poses many technical and legal challenges. This Dagstuhl seminar brought together researchers and practitioners from computer science and law covering the diverse areas of forensic computing. The goal of the seminar was to further establish forensic computing as a scientific research discipline, to identify the strengths and weaknesses of the research field, and to discuss the foundations of its methodology. The seminar was jointly organized by Prof.Dr. Felix Freiling (Friedrich-Alexander-Universität Erlangen-Nürnberg, Germany), Prof.Dr. Radim Polcák (Masaryk University, Czech Republic), Prof.Dr. Gerrit Hornung (Universität Passau, Germany). It was attended by 22 participants and its structure was based on experiences from a similar seminar in 2011 (Dagstuhl Seminar 11401).

Cite as

Felix C. Freiling, Gerrit Hornung, and Radim Polcák. Forensic Computing (Dagstuhl Seminar 13482). In Dagstuhl Reports, Volume 3, Issue 11, pp. 193-208, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2014)

Copy BibTex To Clipboard

@Article{freiling_et_al:DagRep.3.11.193,
  author =	{Freiling, Felix C. and Hornung, Gerrit and Polc\'{a}k, Radim},
  title =	{{Forensic Computing (Dagstuhl Seminar 13482)}},
  pages =	{193--208},
  journal =	{Dagstuhl Reports},
  ISSN =	{2192-5283},
  year =	{2014},
  volume =	{3},
  number =	{11},
  editor =	{Freiling, Felix C. and Hornung, Gerrit and Polc\'{a}k, Radim},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/DagRep.3.11.193},
  URN =		{urn:nbn:de:0030-drops-44426},
  doi =		{10.4230/DagRep.3.11.193},
  annote =	{Keywords: practical experience in forensics and law; applied forensic computing}
}

Document

DOI: 10.4230/DagRep.1.10.1

Forensic Computing (Dagstuhl Seminar 11401)

Authors: Felix C. Freiling, Dirk Heckmann, Radim Polcák, and Joachim Posegga

Published in: Dagstuhl Reports, Volume 1, Issue 10 (2012)

Abstract

Forensic computing (sometimes also called digital forensics, computer forensics or IT forensics) is a branch of forensic science pertaining to digital evidence, i.e., any legal evidence that is processed by digital computer systems or stored on digital storage media. Forensic computing is a new discipline evolving within the intersection of several established research areas such as computer science, computer engineering and law. Forensic computing is rapidly gaining importance since the amount of crime involving digital systems is steadily increasing. Furthermore, the area is still underdeveloped and poses many technical and legal challenges. This Dagstuhl seminar brought together researchers and practitioners from computer science and law covering the diverse areas of forensic computing. The goal of the seminar was to further establish forensic computing as a scientific research discipline, to identify the strengths and weaknesses of the research field, and to discuss the foundations of its methodology. The seminar was jointly organized by Prof. Dr. Felix Freiling (Friedrich-Alexander University Erlangen-Nuremberg, Germany), Prof. Dr. Dirk Heckmann (University of Passau, Germany), Prof. Dr. Radim Polcàk (Masaryk University, Czech Republic), Prof. Dr. Joachim Posegga (University of Passau, Germany), and Dr. Roland Vogl (Stanford University, USA). It was attended by 27 participants.

Cite as

Felix C. Freiling, Dirk Heckmann, Radim Polcák, and Joachim Posegga. Forensic Computing (Dagstuhl Seminar 11401). In Dagstuhl Reports, Volume 1, Issue 10, pp. 1-13, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2012)

Copy BibTex To Clipboard

@Article{freiling_et_al:DagRep.1.10.1,
  author =	{Freiling, Felix C. and Heckmann, Dirk and Polc\'{a}k, Radim and Posegga, Joachim},
  title =	{{Forensic Computing (Dagstuhl Seminar 11401)}},
  pages =	{1--13},
  journal =	{Dagstuhl Reports},
  ISSN =	{2192-5283},
  year =	{2012},
  volume =	{1},
  number =	{10},
  editor =	{Freiling, Felix C. and Heckmann, Dirk and Polc\'{a}k, Radim and Posegga, Joachim},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/DagRep.1.10.1},
  URN =		{urn:nbn:de:0030-drops-33691},
  doi =		{10.4230/DagRep.1.10.1},
  annote =	{Keywords: forensic teaching; practical experience in forensics and law; selective imaging; mobile phone forensics; cryptographic hash functions}
}

Document

DOI: 10.4230/DagSemProc.06371.1

06371 Abstracts Collection – From Security to Dependability

Authors: Christian Cachin, Felix C. Freiling, and Jaap-Henk Hoepman

Published in: Dagstuhl Seminar Proceedings, Volume 6371, From Security to Dependability (2007)

Abstract

From 10.09.06 to 15.09.06, the Dagstuhl Seminar 06371 ``From Security to Dependability'' was held in the International Conference and Research Center (IBFI), Schloss Dagstuhl. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available.

Cite as

Christian Cachin, Felix C. Freiling, and Jaap-Henk Hoepman. 06371 Abstracts Collection – From Security to Dependability. In From Security to Dependability. Dagstuhl Seminar Proceedings, Volume 6371, pp. 1-19, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2007)

Copy BibTex To Clipboard

@InProceedings{cachin_et_al:DagSemProc.06371.1,
  author =	{Cachin, Christian and Freiling, Felix C. and Hoepman, Jaap-Henk},
  title =	{{06371 Abstracts Collection – From Security to Dependability}},
  booktitle =	{From Security to Dependability},
  pages =	{1--19},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2007},
  volume =	{6371},
  editor =	{Christian Cachin and Felix C. Freiling and Jaap-Henk Hoepman},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/DagSemProc.06371.1},
  URN =		{urn:nbn:de:0030-drops-8532},
  doi =		{10.4230/DagSemProc.06371.1},
  annote =	{Keywords: Fault-tolerance, safety, distributed computing, language-based security, cryptography}
}

Document

DOI: 10.4230/DagSemProc.06371.2

06371 Executive Summary – From Security to Dependability

Authors: Christian Cachin, Felix C. Freiling, and Jaap-Henk Hoepman

Published in: Dagstuhl Seminar Proceedings, Volume 6371, From Security to Dependability (2007)

Abstract

This seminar brought together researchers and practitioners from the different areas of dependability and security, in particular, from fault-tolerance, safety, distributed computing, langelanguage-based security, and cryptography. The aim was to discuss common problems faced by research in these areas, the differences in their respective approaches, and to identify research challenges in this context.

Cite as

Christian Cachin, Felix C. Freiling, and Jaap-Henk Hoepman. 06371 Executive Summary – From Security to Dependability. In From Security to Dependability. Dagstuhl Seminar Proceedings, Volume 6371, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2007)

Copy BibTex To Clipboard

@InProceedings{cachin_et_al:DagSemProc.06371.2,
  author =	{Cachin, Christian and Freiling, Felix C. and Hoepman, Jaap-Henk},
  title =	{{06371 Executive Summary – From Security to Dependability}},
  booktitle =	{From Security to Dependability},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2007},
  volume =	{6371},
  editor =	{Christian Cachin and Felix C. Freiling and Jaap-Henk Hoepman},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/DagSemProc.06371.2},
  URN =		{urn:nbn:de:0030-drops-8512},
  doi =		{10.4230/DagSemProc.06371.2},
  annote =	{Keywords: Fault-tolerance, safety, distributed computing, language-based security, cryptography}
}

Document

DOI: 10.4230/DagSemProc.06371.3

Abstracting out Byzantine Behavior

Authors: Peter Druschel, Andreas Haeberlen, and Petr Kouznetsov

Published in: Dagstuhl Seminar Proceedings, Volume 6371, From Security to Dependability (2007)

Abstract

Many distributed systems are designed to tolerate the presence of emph{Byzantine} failures: an individual process may arbitrarily deviate from the algorithm assigned to it. Depending on the application requirements, systems enjoy various levels of fault-tolerance. Systems based on state machine replication are able to emph{mask} failures so that their effect is not visible by the application. In contrast, cooperative peer-to-peer systems can tolerate bounded deviant behavior to some extent and therefore do not require masking, as long as each faulty node is emph{exposed}eventually. Finding an abstract way to reason about the levels of fault-tolerance is thus of immanent importance. We discuss how the information of deviant behavior can be abstracted out in the form of a emph{Byzantine failure detector} (BFD). We formally define a BFD abstraction, and we discuss two ways of using the abstraction: (1) monitoring systems in order to retroactively detect Byzantine failures and (2) enforcing systems in order to boost their level of fault-tolerance. Interestingly, the BFD formalism allowed us to determine the relative hardness of implementing two popular abstractions in distributed computing: state machine replication and weak interactive consistency.

Cite as

Peter Druschel, Andreas Haeberlen, and Petr Kouznetsov. Abstracting out Byzantine Behavior. In From Security to Dependability. Dagstuhl Seminar Proceedings, Volume 6371, pp. 1-12, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2007)

Copy BibTex To Clipboard

@InProceedings{druschel_et_al:DagSemProc.06371.3,
  author =	{Druschel, Peter and Haeberlen, Andreas and Kouznetsov, Petr},
  title =	{{Abstracting out Byzantine Behavior}},
  booktitle =	{From Security to Dependability},
  pages =	{1--12},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2007},
  volume =	{6371},
  editor =	{Christian Cachin and Felix C. Freiling and Jaap-Henk Hoepman},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/DagSemProc.06371.3},
  URN =		{urn:nbn:de:0030-drops-8501},
  doi =		{10.4230/DagSemProc.06371.3},
  annote =	{Keywords: Fault-tolerance, Byzantine failures, masking, detection, total order broadcast, weak interactive consistency}
}

Document

DOI: 10.4230/DagSemProc.06371.4

Denial of Service Protection with Beaver

Authors: Gal Badishi, Idit Keidar, Amir Herzberg, Oleg Romanov, and Avital Yachin

Published in: Dagstuhl Seminar Proceedings, Volume 6371, From Security to Dependability (2007)

Abstract

We present Beaver, a method and architecture to ``build dams'' to protect servers from Denial of Service (DoS) attacks. Beaver allows efficient filtering of DoS traffic using low-cost, high-performance, readily-available packet filtering mechanisms. Beaver improves on previous solutions by not requiring cryptographic processing of messages, allowing the use of efficient routing (avoiding overlays), and establishing keys and state as needed. We present two prototype implementations of Beaver, one as part of IPSec in a Linux kernel, and a second as an NDIS hook driver on a Windows machine. Preliminary measurements illustrate that Beaver withstands severe DoS attacks without hampering the client-server communication. Moreover, Beaver is simple and easy to deploy.

Cite as

Gal Badishi, Idit Keidar, Amir Herzberg, Oleg Romanov, and Avital Yachin. Denial of Service Protection with Beaver. In From Security to Dependability. Dagstuhl Seminar Proceedings, Volume 6371, pp. 1-6, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2007)

Copy BibTex To Clipboard

@InProceedings{badishi_et_al:DagSemProc.06371.4,
  author =	{Badishi, Gal and Keidar, Idit and Herzberg, Amir and Romanov, Oleg and Yachin, Avital},
  title =	{{Denial of Service Protection with Beaver}},
  booktitle =	{From Security to Dependability},
  pages =	{1--6},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2007},
  volume =	{6371},
  editor =	{Christian Cachin and Felix C. Freiling and Jaap-Henk Hoepman},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/DagSemProc.06371.4},
  URN =		{urn:nbn:de:0030-drops-8492},
  doi =		{10.4230/DagSemProc.06371.4},
  annote =	{Keywords: Denial of Service}
}

Document

DOI: 10.4230/DagSemProc.06371.5

Towards bounded wait-free PASIS

Authors: Michael Abd-El-Malek, Gregory R. Ganger, Garth R. Goodson, Michael K. Reiter, and Jay J. Wylie

Published in: Dagstuhl Seminar Proceedings, Volume 6371, From Security to Dependability (2007)

Abstract

The PASIS read/write protocol implements a Byzantine fault-tolerant erasure-coded atomic register. The prototype PASIS storage system implementation provides excellent best-case performance. Writes require two round trips and contention- and failure-free reads require one. Unfortunately, even though writes and reads are wait-free in PASIS, Byzantine components can induce correct clients to perform an unbounded amount of work. In this extended abstract, we enumerate the avenues by which Byzantine servers and clients can induce correct clients to perform an unbounded amount of work in PASIS. We sketch extensions to the PASIS protocol and Lazy Verification that bound the amount of work Byzantine components can induce correct clients to perform. We believe that the extensions provide bounded wait-free reads and writes. We also believe that an implementation that incorporates these extensions will preserve the excellent best-case performance of the original PASIS prototype.

Cite as

Michael Abd-El-Malek, Gregory R. Ganger, Garth R. Goodson, Michael K. Reiter, and Jay J. Wylie. Towards bounded wait-free PASIS. In From Security to Dependability. Dagstuhl Seminar Proceedings, Volume 6371, pp. 1-4, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2007)

Copy BibTex To Clipboard

@InProceedings{abdelmalek_et_al:DagSemProc.06371.5,
  author =	{Abd-El-Malek, Michael and Ganger, Gregory R. and Goodson, Garth R. and Reiter, Michael K. and Wylie, Jay J.},
  title =	{{Towards bounded wait-free PASIS}},
  booktitle =	{From Security to Dependability},
  pages =	{1--4},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2007},
  volume =	{6371},
  editor =	{Christian Cachin and Felix C. Freiling and Jaap-Henk Hoepman},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/DagSemProc.06371.5},
  URN =		{urn:nbn:de:0030-drops-8488},
  doi =		{10.4230/DagSemProc.06371.5},
  annote =	{Keywords: Byzantine fault-tolerant, erasure-coded storage, bounded wait-free, non-skipping timestamps}
}

7 Search Results for "Freiling, Felix C."

Forensic Computing (Dagstuhl Seminar 13482)

Abstract

Cite as

Forensic Computing (Dagstuhl Seminar 11401)

Abstract

Cite as

06371 Abstracts Collection – From Security to Dependability

Abstract

Cite as

06371 Executive Summary – From Security to Dependability

Abstract

Cite as

Abstracting out Byzantine Behavior

Abstract

Cite as

Denial of Service Protection with Beaver

Abstract

Cite as

Towards bounded wait-free PASIS

Abstract

Cite as

Thanks for your feedback!

Could not send message